From: Ashish Kalra
Subject: [PATCH v12 1/3] x86/boot: Skip video memory access in the decompressor for SEV-ES/SNP
Date: Tue, 30 Jul 2024 19:21:22 +0000
X-Mailer: git-send-email 2.34.1
References: <20240614095904.1345461-1-kirill.shutemov@linux.intel.com>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Ashish Kalra

Accessing guest video memory/RAM in the decompressor causes guest termination as the boot stage2 #VC handler for SEV-ES/SNP systems does not support MMIO handling.

This issue is observed during a SEV-ES/SNP guest kexec as kexec -c adds screen_info to the boot parameters passed to the second kernel, which causes console output to be dumped to both video and serial.

As the decompressor output gets cleared really fast, it is preferable to get the console output only on serial, hence, skip accessing the video RAM during decompressor stage to prevent guest termination.

Serial console output during decompressor stage works as boot stage2 #VC handler already supports handling port I/O.

[ bp: Massage. ]

Suggested-by: Borislav Petkov (AMD)
Suggested-by: Thomas Lendacky
Signed-off-by: Ashish Kalra
Signed-off-by: Borislav Petkov (AMD)
Reviewed-by: Kuppuswamy Sathyanarayanan
Reviewed-by: Tom Lendacky
--- arch/x86/boot/compressed/misc.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/arch/x86/boot/compressed/misc.c b/arch/x86/boot/compressed/mis= c.c index 944454306ef4..826b4d5cb1f0 100644 --- a/arch/x86/boot/compressed/misc.c +++ b/arch/x86/boot/compressed/misc.c @@ -385,6 +385,19 @@ static void parse_mem_encrypt(struct setup_header *hdr) hdr->xloadflags |=3D XLF_MEM_ENCRYPTION; } =20 +static void early_sev_detect(void) +{ + /* + * Accessing video memory causes guest termination because + * the boot stage2 #VC handler of SEV-ES/SNP guests does not + * support MMIO handling and kexec -c adds screen_info to the + * boot parameters passed to the kexec kernel, which causes + * console output to be dumped to both video and serial. + */ + if (sev_status & MSR_AMD64_SEV_ES_ENABLED) + lines =3D cols =3D 0; +} + /* * The compressed kernel image (ZO), has been moved so that its position * is against the end of the buffer used to hold the uncompressed kernel 
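Review bot: in early_sev_detect(), the comment explains why video memory must not be touched but does not say how `lines = cols = 0` achieves that, and the test on MSR_AMD64_SEV_ES_ENABLED fires on every SEV-ES boot, not only in the kexec case the comment describes. Suggest closing the comment with a sentence that ties the assignment to the effect (clearing lines and cols is what keeps output off video memory) and stating that the check is intentionally unconditional. The comment also names SEV-ES/SNP while only the ES bit is tested; if that bit is always set for SNP guests, say so here.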
@@ -440,6 +453,8 @@ asmlinkage __visible void *extract_kernel(void *rmode, = unsigned char *output) */ early_tdx_detect(); =20 + early_sev_detect(); + console_init(); =20 /* --=20 2.34.1

From: Ashish Kalra
Subject: [PATCH v12 2/3] x86/mm: refactor __set_clr_pte_enc()
Date: Tue, 30 Jul 2024 19:21:48 +0000
Message-ID: <88cc494fefac4fbe75d7bffd64ec32ad0d41a8fc.1722366144.git.ashish.kalra@amd.com>
X-Mailer: git-send-email 2.34.1
References: <20240614095904.1345461-1-kirill.shutemov@linux.intel.com>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Ashish Kalra

Refactor __set_clr_pte_enc() and add two new helper functions to set/clear PTE C-bit from early SEV/SNP initialization code and later during shutdown/kexec especially when all CPUs are stopped and interrupts are disabled and set_memory_xx() interfaces can't be used.

Co-developed-by: Borislav Petkov (AMD)
Signed-off-by: Borislav Petkov (AMD)
Signed-off-by: Ashish Kalra
--- arch/x86/include/asm/sev.h | 20 ++++++++++ arch/x86/mm/mem_encrypt_amd.c | 75 +++++++++++++++++++++++------------ 2 files changed, 69 insertions(+), 26 deletions(-) diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index 79bbe2be900e..fd19a8f413d0 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -285,6 +285,22 @@ struct svsm_attest_call { u8 rsvd[4]; }; =20 +/* PTE descriptor used for the prepare_pte_enc() operations. */ +struct pte_enc_desc { + pte_t *kpte; + int pte_level; + bool encrypt; + /* pfn of the kpte above */ + unsigned long pfn; + /* physical address of @pfn */ + unsigned long pa; + /* virtual address of @pfn */ + void *va; + /* memory covered by the pte */ + unsigned long size; + pgprot_t new_pgprot; +}; + /* * SVSM protocol structure */ @@ -399,6 +415,8 @@ u64 snp_get_unsupported_features(u64 status); u64 sev_get_status(void); void sev_show_status(void); void snp_update_svsm_ca(void); +int prepare_pte_enc(struct pte_enc_desc *d); +void set_pte_enc_mask(pte_t *kpte, unsigned long pfn, pgprot_t new_prot); =20 #else /* !CONFIG_AMD_MEM_ENCRYPT */ =20 @@ -435,6 +453,8 @@ static inline u64 snp_get_unsupported_features(u64 stat= us) { return 0; } static inline u64 sev_get_status(void) { return 0; } static inline void sev_show_status(void) { } static inline void snp_update_svsm_ca(void) { } +static inline int prepare_pte_enc(struct pte_enc_desc *d) { } +static inline void set_pte_enc_mask(pte_t *kpte, unsigned long pfn, pgprot= _t new_prot) { } =20 #endif /* CONFIG_AMD_MEM_ENCRYPT */ =20 
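Review bot: the !CONFIG_AMD_MEM_ENCRYPT stub `static inline int prepare_pte_enc(struct pte_enc_desc *d) { }` is declared int but has an empty body, so it falls off the end without returning a value. The neighbouring stubs in this block use `{ return 0; }`; give this one an explicit return as well, and pick the value deliberately, because in mem_encrypt_amd.c a return of 0 tells the caller to go ahead with the PTE update.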
diff --git a/arch/x86/mm/mem_encrypt_amd.c b/arch/x86/mm/mem_encrypt_amd.c index 86a476a426c2..f4be81db72ee 100644 --- a/arch/x86/mm/mem_encrypt_amd.c +++ b/arch/x86/mm/mem_encrypt_amd.c 
@@ -311,59 +311,82 @@ static int amd_enc_status_change_finish(unsigned long= vaddr, int npages, bool en return 0; } =20 -static void __init __set_clr_pte_enc(pte_t *kpte, int level, bool enc) +int prepare_pte_enc(struct pte_enc_desc *d) { - pgprot_t old_prot, new_prot; - unsigned long pfn, pa, size; - pte_t new_pte; + pgprot_t old_prot; =20 - pfn =3D pg_level_to_pfn(level, kpte, &old_prot); - if (!pfn) - return; + d->pfn =3D pg_level_to_pfn(d->pte_level, d->kpte, &old_prot); + if (!d->pfn) + return 1; =20 - new_prot =3D old_prot; - if (enc) - pgprot_val(new_prot) |=3D _PAGE_ENC; + d->new_pgprot =3D old_prot; + if (d->encrypt) + pgprot_val(d->new_pgprot) |=3D _PAGE_ENC; else - pgprot_val(new_prot) &=3D ~_PAGE_ENC; + pgprot_val(d->new_pgprot) &=3D ~_PAGE_ENC; =20 /* If prot is same then do nothing. */ - if (pgprot_val(old_prot) =3D=3D pgprot_val(new_prot)) - return; + if (pgprot_val(old_prot) =3D=3D pgprot_val(d->new_pgprot)) + return 1; =20 - pa =3D pfn << PAGE_SHIFT; - size =3D page_level_size(level); + d->pa =3D d->pfn << PAGE_SHIFT; + d->size =3D page_level_size(d->pte_level); =20 /* - * We are going to perform in-place en-/decryption and change the - * physical page attribute from C=3D1 to C=3D0 or vice versa. Flush the - * caches to ensure that data gets accessed with the correct C-bit. + * In-place en-/decryption and physical page attribute change + * from C=3D1 to C=3D0 or vice versa will be performed. Flush the + * caches to ensure that data gets accessed with the correct + * C-bit. */ - clflush_cache_range(__va(pa), size); + if (d->va) + clflush_cache_range(d->va, d->size); + else + clflush_cache_range(__va(d->pa), d->size); + + return 0; +} + +void set_pte_enc_mask(pte_t *kpte, unsigned long pfn, pgprot_t new_prot) +{ + pte_t new_pte; + + /* Change the page encryption mask. 
*/ + new_pte =3D pfn_pte(pfn, new_prot); + set_pte_atomic(kpte, new_pte); +} + +static void __init __set_clr_pte_enc(pte_t *kpte, int level, bool enc) +{ + struct pte_enc_desc d =3D { + .kpte =3D kpte, + .pte_level =3D level, + .encrypt =3D enc + }; + + if (prepare_pte_enc(&d)) + return; =20 /* Encrypt/decrypt the contents in-place */ if (enc) { - sme_early_encrypt(pa, size); + sme_early_encrypt(d.pa, d.size); } else { - sme_early_decrypt(pa, size); + sme_early_decrypt(d.pa, d.size); =20 /* * ON SNP, the page state in the RMP table must happen * before the page table updates. */ - early_snp_set_memory_shared((unsigned long)__va(pa), pa, 1); + early_snp_set_memory_shared((unsigned long)__va(d.pa), d.pa, 1); } =20 - /* Change the page encryption mask. */ - new_pte =3D pfn_pte(pfn, new_prot); - set_pte_atomic(kpte, new_pte); + set_pte_enc_mask(kpte, d.pfn, d.new_pgprot); =20 /* * If page is set encrypted in the page table, then update the RMP table = to * add this page as private. */ if (enc) - early_snp_set_memory_private((unsigned long)__va(pa), pa, 1); + early_snp_set_memory_private((unsigned long)__va(d.pa), d.pa, 1); } =20 static int __init early_set_memory_enc_dec(unsigned long vaddr, --=20 2.34.1
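Review bot: prepare_pte_enc() returns 1 from two different early exits, and on the first one (`if (!d->pfn) return 1;`) d->new_pgprot, d->pa and d->size have not been written yet, so the descriptor is only usable when the function returns 0, and nothing in the code documents that. Please add a comment above prepare_pte_enc() spelling out which fields are inputs (kpte, pte_level, encrypt, the optional va), which are outputs, and what a non-zero return means, and consider a bool return or __must_check so callers cannot skip the test. __set_clr_pte_enc() checks the result, but set_pte_enc() in patch 3/3 calls set_pte_enc_mask() with d.pfn and d.new_pgprot without looking at it.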

From: Ashish Kalra
Subject: [PATCH v12 3/3] x86/snp: Convert shared memory back to private on kexec
Date: Tue, 30 Jul 2024 19:22:06 +0000
X-Mailer: git-send-email 2.34.1
References: <20240614095904.1345461-1-kirill.shutemov@linux.intel.com>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Ashish Kalra

SNP guests allocate shared buffers to perform I/O. It is done by allocating pages normally from the buddy allocator and converting them to shared with set_memory_decrypted().

The second, kexec-ed, kernel has no idea what memory is converted this way. It only sees E820_TYPE_RAM.

Accessing shared memory via a private mapping will cause unrecoverable RMP page-faults.

On kexec, walk the direct mapping and convert all shared memory back to private. It makes all RAM private again and the second kernel may use it normally.

Additionally, for SNP guests, convert all bss decrypted section pages back to private.

The conversion occurs in two steps: stopping new conversions and unsharing all memory. In the case of normal kexec, the stopping of conversions takes place while scheduling is still functioning. This allows for waiting until any ongoing conversions are finished. The second step is carried out when all CPUs except one are inactive and interrupts are disabled. This prevents any conflicts with code that may access shared memory.

Co-developed-by: Borislav Petkov (AMD)
Signed-off-by: Borislav Petkov (AMD)
Reviewed-by: Tom Lendacky
Signed-off-by: Ashish Kalra
--- arch/x86/coco/sev/core.c | 132 ++++++++++++++++++++++++++++++++++ arch/x86/include/asm/sev.h | 4 ++ arch/x86/mm/mem_encrypt_amd.c | 2 + 3 files changed, 138 insertions(+) diff --git a/arch/x86/coco/sev/core.c b/arch/x86/coco/sev/core.c index de1df0cb45da..4278cdbee3a5 100644 --- a/arch/x86/coco/sev/core.c +++ b/arch/x86/coco/sev/core.c
@@ -1010,6 +1010,138 @@ void snp_accept_memory(phys_addr_t start, phys_addr= _t end) set_pages_state(vaddr, npages, SNP_PAGE_STATE_PRIVATE); } =20 +static void set_pte_enc(pte_t *kpte, int level, void *va) +{ + struct pte_enc_desc d =3D { + .kpte =3D kpte, + .pte_level =3D level, + .va =3D va, + .encrypt =3D true + }; + + prepare_pte_enc(&d); + set_pte_enc_mask(kpte, d.pfn, d.new_pgprot); +} + +static void unshare_all_memory(void) +{ + unsigned long addr, end, size, ghcb; + struct sev_es_runtime_data *data; + unsigned int npages, level; + bool skipped_addr; + pte_t *pte; + int cpu; + + /* Unshare the direct mapping. */ + addr =3D PAGE_OFFSET; + end =3D PAGE_OFFSET + get_max_mapped(); + + while (addr < end) { + pte =3D lookup_address(addr, &level); + size =3D page_level_size(level); + npages =3D size / PAGE_SIZE; + skipped_addr =3D false; + + if (!pte || !pte_decrypted(*pte) || pte_none(*pte)) { + addr +=3D size; + continue; + } + + /* + * Ensure that all the per-cpu GHCBs are made private at the + * end of unsharing loop so that the switch to the slower MSR + * protocol happens last. + */ + for_each_possible_cpu(cpu) { + data =3D per_cpu(runtime_data, cpu); + ghcb =3D (unsigned long)&data->ghcb_page; + + if (addr <=3D ghcb && ghcb <=3D addr + size) { + skipped_addr =3D true; + break; + } + } + + if (!skipped_addr) { + set_pte_enc(pte, level, (void *)addr); + snp_set_memory_private(addr, npages); + } + addr +=3D size; + } + + /* Unshare all bss decrypted memory. 
*/ + addr =3D (unsigned long)__start_bss_decrypted; + end =3D (unsigned long)__start_bss_decrypted_unused; + npages =3D (end - addr) >> PAGE_SHIFT; + + for (; addr < end; addr +=3D PAGE_SIZE) { + pte =3D lookup_address(addr, &level); + if (!pte || !pte_decrypted(*pte) || pte_none(*pte)) + continue; + + set_pte_enc(pte, level, (void *)addr); + } + addr =3D (unsigned long)__start_bss_decrypted; + snp_set_memory_private(addr, npages); + + __flush_tlb_all(); +} + +/* Stop new private<->shared conversions */ +void snp_kexec_begin(void) +{ + if (!cc_platform_has(CC_ATTR_GUEST_SEV_SNP)) + return; + + if (!IS_ENABLED(CONFIG_KEXEC_CORE)) + return; + + /* + * Crash kernel ends up here with interrupts disabled: can't wait for + * conversions to finish. + * + * If race happened, just report and proceed. + */ + if (!set_memory_enc_stop_conversion()) + pr_warn("Failed to stop shared<->private conversions\n"); +} + +void snp_kexec_finish(void) +{ + struct sev_es_runtime_data *data; + unsigned int level, cpu; + unsigned long size; + struct ghcb *ghcb; + pte_t *pte; + + if (!cc_platform_has(CC_ATTR_GUEST_SEV_SNP)) + return; + + if (!IS_ENABLED(CONFIG_KEXEC_CORE)) + return; + + unshare_all_memory(); + + /* + * Switch to using the MSR protocol to change per-cpu + * GHCBs to private. + * All the per-cpu GHCBs have been switched back to private, + * so can't do any more GHCB calls to the hypervisor beyond + * this point till the kexec kernel starts running. + */ + boot_ghcb =3D NULL; + sev_cfg.ghcbs_initialized =3D false; + + for_each_possible_cpu(cpu) { + data =3D per_cpu(runtime_data, cpu); + ghcb =3D &data->ghcb_page; + pte =3D lookup_address((unsigned long)ghcb, &level); + size =3D page_level_size(level); + set_pte_enc(pte, level, (void *)ghcb); + snp_set_memory_private((unsigned long)ghcb, (size / PAGE_SIZE)); + } +} + static int snp_set_vmsa(void *va, void *caa, int apic_id, bool make_vmsa) { int ret; 
diff --git a/arch/x86/include/asm/sev.h b/arch/x86/include/asm/sev.h index fd19a8f413d0..4876ab4c7043 100644 --- a/arch/x86/include/asm/sev.h +++ b/arch/x86/include/asm/sev.h @@ -417,6 +417,8 @@ void sev_show_status(void); void snp_update_svsm_ca(void); int prepare_pte_enc(struct pte_enc_desc *d); void set_pte_enc_mask(pte_t *kpte, unsigned long pfn, pgprot_t new_prot); +void snp_kexec_finish(void); +void snp_kexec_begin(void); =20 #else /* !CONFIG_AMD_MEM_ENCRYPT */ =20 @@ -455,6 +457,8 @@ static inline void sev_show_status(void) { } static inline void snp_update_svsm_ca(void) { } static inline int prepare_pte_enc(struct pte_enc_desc *d) { } static inline void set_pte_enc_mask(pte_t *kpte, unsigned long pfn, pgprot= _t new_prot) { } +static inline void snp_kexec_finish(void) { } +static inline void snp_kexec_begin(void) { } =20 #endif /* CONFIG_AMD_MEM_ENCRYPT */ =20 diff --git a/arch/x86/mm/mem_encrypt_amd.c b/arch/x86/mm/mem_encrypt_amd.c index f4be81db72ee..774f9677458f 100644 --- a/arch/x86/mm/mem_encrypt_amd.c +++ b/arch/x86/mm/mem_encrypt_amd.c @@ -490,6 +490,8 @@ void __init sme_early_init(void) x86_platform.guest.enc_status_change_finish =3D amd_enc_status_change_fi= nish; x86_platform.guest.enc_tlb_flush_required =3D amd_enc_tlb_flush_requir= ed; x86_platform.guest.enc_cache_flush_required =3D amd_enc_cache_flush_requ= ired; + x86_platform.guest.enc_kexec_begin =3D snp_kexec_begin; + x86_platform.guest.enc_kexec_finish =3D snp_kexec_finish; =20 /* * AMD-SEV-ES intercepts the RDMSR to read the X2APIC ID in the --=20 2.34.1
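Review bot: in the arch/x86/coco/sev/core.c hunk, the GHCB skip test in unshare_all_memory(), "if (addr <= ghcb && ghcb <= addr + size)", is off by one at the upper bound. When ghcb equals addr + size the GHCB is the first page of the next mapping, not part of the current one, yet the current mapping is skipped. snp_kexec_finish() later converts only the mapping that actually contains each GHCB, so a shared page sitting directly below a GHCB would stay shared into the second kernel, which is the RMP fault case the commit message sets out to prevent. Suggest "ghcb < addr + size". Separately, snp_kexec_finish() passes the result of lookup_address() straight to set_pte_enc() without the !pte check that both loops in unshare_all_memory() apply; either add the check or note in a comment why the per-cpu GHCB is always mapped at that point.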
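Review bot: in the first arch/x86/include/asm/sev.h hunk, the context line declares prepare_pte_enc() as returning int, but the new set_pte_enc() helper in core.c calls it and discards the result before handing d.pfn and d.new_pgprot to set_pte_enc_mask(). If prepare_pte_enc() can fail, the helper would then write a PTE from a descriptor that was never filled in. Either check the return value and skip the page (with a warning, since this path cannot recover), or document next to the call why failure is impossible for the addresses walked here.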
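Review bot: in the arch/x86/mm/mem_encrypt_amd.c hunk, enc_kexec_begin and enc_kexec_finish are assigned unconditionally in sme_early_init(), so whether anything happens depends entirely on the cc_platform_has(CC_ATTR_GUEST_SEV_SNP) early return inside snp_kexec_begin() and snp_kexec_finish(). That works, but it is not obvious from this file that the hooks are SNP-only. A short comment above the two assignments saying the callbacks are no-ops outside SNP guests would save the next reader a trip to core.c.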